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In this Amendment, claims 1 and 52 are amended merely to recite the subject matter 
without any intention of narrowing the scope of any of the claims. No new matter has been 
added. Claims 1-4, 6-54 and 56-67 are pending in this patent application. Reconsideration of 
the rejection in view of the remarks below is requested. 

Applicant acknowledges that there is no claim 55 in this application through error at 
the initial filing. Applicant trusts the Office will renumber the claims appropriately to resolve 
that issue. 



The Office Action of December 28, 2005 (hereinafter the "Office Action") rejected 
claims 52-63, 66 and 67 under 35 U.S.C. §101 . Specifically, the Office Action states that the 
claims are allegedly not enabled in the technological arts nor limited to a machine. Applicant 
traverses. 

Applicant assumes that the rejection of claims 66 and 67 under 35 XJ.S.C. §101 is 
incorrect as the Office Action indicates that the rejection of claim 16 under 35 U.S.C. §101 - 
from which claims 66 and 67 depend - has been overcome. If this assumption is incorrect, 
Applicant requests a further non-final Office Action with appropriate and pertinent reasoning 
for the rejection of those claims. 

Merely to expedite prosecution and without any intention of narrowing the scope of 
the claims, claim 52 now recites a database system embodied in a tangible medium. Claim 52 
is at least patentable as a new and useful machine or manufacture as provided in 35 U.S.C. 
§101, more specifically a database system embodied in a tangible medium representing an 
organization involving directories representing entities, their characteristics, roles, and 
relationships together with their associations with cryptographic capabilities, the database 
system comprising the recited transactional components. Claims 53-54 and 56-63 depend 
from claim 52 and are therefore patentable subject matter at least for the reasons set forth 
above with respect to claim 52, and for the features they individually recite. 

Accordingly., for at least the above reasons, the rejection of the claims under 35 U.S.C. 
§101 is iravcrsed and claims 52-63, 66 and 67 are believed to be allowable. 



Rejection under 35 U.S.C. §101 
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Rejection under 35 ILS.C. §102(e) in view of G inter et al. 

The Office Action rejected claims 1-15 3 64 and 65 under 35 U.S.C. §102(e) as 
allegedly being unpatentable over U.S. Patent No. 5,892,900 to Ginter ei al. ("Ginter et al."). 
Applicant respectfully traverses the rejection because the cited portions of Ginter et al. fail to 
disclose, teach or suggest all the features recited in combination in the rejected claims. 

As noted in Applicant's specification, cryptographic representation of an organization 
has typically been defined statically, for a given time. But, such representation has limits 
especially in organizations facing structural or dynamic changes. Thus, Applicant's invention 
of claim 1 relates to control and maintenance of an operational organizational structure to 
solve, for example, management of dynamic organizations which often can face significant 
structural changes. To facilitate this control and maintenance, Applicant's method of claim 1 
associates entities with cryptographic capabilities and organizes the entities within the 
organizational structure as roles. The claimed method further maintains (i.e., changes, 
updates, etc.) the roles within the organizational structure. 

Ginter et al. is generally directed to completely different subject matter, namely 
systems and methods for electronic commerce including secure transaction management and 
electronic rights protection. 

For example, Applicant submits that the cited portions of Ginter et al. fail to disclose, 
teach or suggest "organizing entities within the organizational structure as roles through 
associating the electronic representations of entities with electronic representations of roles", 
entities which have associated cryptographic capabilities, as recited in claim 1, The 
references to "role" in die cited portions of Ginter et al- are simply inapposite to the claim 
language since the claim recites more than the word "roles". For example, none of the cited 
portions of Ginter et al. references an organizational structure or organizing entities within 
that organizational structure by associating the electronic representations of entities with 
electronic representations of roles. Rather, the cited portions of Ginter et aL merely indicate 
that participants in the electronic commerce system of Ginter et al. may adopt different roles 
but provide no disclosure, teaching or suggestion of organizing entities, which have 
associated cryptographic capabilities, within an organization structure, let alone organizing 
those entities as roles by associating corresponding electronic representations as recited in 
claim 1. 

Additionally, the cited portions of Ginter et al. fail to disclose, teach or suggest "upon 
any addition, deletion or modification of an entity, a cryptographic capability, or any of their 
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associations, maintaining roles within the organizational structure by adding, deleting or 
modifying electronic representations of the entities, cryptographic capabilities, roles, or any 
of their associations" as recited in claim 1, 

The cited portions of Ginter et al. merely disclose being able to "add, delete, and/or 
otherwise modify the specification of load modules and methods, as well as add, delete or 
otherwise modify related information." Similarly, the cited portions of Ginter et al. merely 
disclose "[h]andlers in a pathway of handling of content control information can establish, 
modify, and/or contribute to, permission, auditing, payment, and reporting control 
information related to controlling, analyzing, paying for, and/or reporting usage of, electronic 
content and/or appliances (for example, as related to usage of VDE controlled property 
content).' 5 

However, none of the cited portions of Ginter et al. discuss maintaining roles within 
an organizational structure by adding, deleting or modifying electronic representations of the 
entities, cryptographic capabilities, roles, or any of their associations, let alone to do so upon 
any addition, deletion or modification of an entity, a cryptographic capability, or any of their 
associations. There is simply no reference in those cited portions of Ginter et al. to entities of 
an organizational structure, cryptographic capabilities of entities, roles of entities, or any of 
their associations as recited in and in the context of claim 1. The cited portions of Ginter et al. 
merely refer to adding, deleting or modifying completely dissimilar arid unrelated items to the 
claimed items, such as load modules, content control information, etc. 

Therefore, Applicant respectfully submits that the cited portions of Ginter et al. fail to 
at least disclose, teach or suggest a method for control and maintenance of an operational 
organizational structure, comprising, inter alia, "associating electronic representations of 
entities with cryptographic capabilities", "organizing entities within the organizational 
structure as roles through associating the electronic representations of entities with electronic 
representations of roles", and "upon any addition, deletion or modification of an entity, a 
cryptographic capability, or any of their associations, maintaining roles within the 
organizational structure by adding, deleting or modifying electronic representations of the 
entities, cryptographic capabilities, roles, or any of their associations" as recited in claim 1. 

Claim 5 was previously cancelled and so its rejection is moot. Claims 2-4, 6-1 5, 64 
and 65 depend from claim 1 and are therefore patentable subject matter at least for the 
reasons set forth above with respect to claim 1, and for the features they recite individually. 
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Accordingly, for at least the above reasons, the rejection of claims 1-15, 64 and 65 
under 35 U,S.C §102 in view of Ginter et al. is traversed and claims 1-15, 64 and 65 are 
believed to be allowable. 

Rejection under 35 U.S.C. §102 in view of Lampson ct al. 

The Office Action rejected claims 52-63 under 35 U.S.C §102 as being unpatentable 
over Lampson et aL, "Authentication in Distributed Systems: Theory and Practice", ACM 
Transactions on Computer Systems, Vol. 10, No. 4, Nov. 1992, pgs. 265-310, Applicant 
respectfully traverses the rejection because the teachings of Lampson et al. fail to disclose, 
teach or suggest all the features recited in combination in the rejected claims. 

The Office Action has not specifically addressed the arguments made in Applicant's 
Amendment filed March 29, 2004, Response filed September 17, 2004, Submission dated 
December 17, 2004 and Amendment filed September 9, 2005. Thus, the Office Action 
continues to fail to identify specific reasons why claim 52 and its dependents are unpatentable 
in view of Lampson et al., why Applicant's previous arguments are not persuasive, and why 
these claims are not allowable in view of those arguments and Lampson et al. Accordingly, 
Applicant respectfully submits that claim 52 has not been considered as a whole and thus a 
prima facie case of unpatentability has not been established. Repetition in verbatim form of 
the rejection of claim 52 made in the first Office Action mailed October 28, 2003 is simply 
not sufficient or appropriate. 

Nevertheless, Applicant submits once again that the cited portions of Lampson et al. 
fail to at least disclose, teach or suggest a database system embodied in a tangible medium 
representing an organization involving directories representing entities, their characteristics, 
roles, and relationships together with their associations with cryptographic capabilities, the 
system comprising u a maintenance system by which said database and said cryptographic 
authorities are maintained in coordination and by authorized parties assuring the 
representation of said organization and said cryptographic capabilities are soundly associated 
as defined by the coordination directives" and "maintenance transactions acting within said 
maintenance system, maintaining a view representing an organization" as recited in claim 52. 

Lampson ei al. merely disclose a theory of authentication and a system that 
implements it. The theory is based on the notion of principal and "speaks for" relation 
between principals. The theory shows how to reason about a principal's authority by 
deducing the other principals that it can speak for. Tn particular, they describe a system that 
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passes principals efficiently as arguments or results of remote procedure calls, and handles 
public and shared key encryption, name lookup in a large name space, groups of principals, 
program loading, delegation, access control and revocation. Lampson et al. s abstract. The 
cited portions of Lampson et al. fail to at least disclose, teach or suggest a database system 
embodied in a tangible medium representing an organization involving directories 
representing entities, their characteristics, roles, and relationships together with their 
associations with cryptographic capabilities as recited in claim 52. Rather, Lampson et al. is 
directed to a security system, particularly an authentication system. 

In an embodiment, the system of Lampson et al, may make use of a certification 
authority as is well known. With respect to such a certification authority, Lampson et al. 
disclose the traditional methods of key and certificate management (including issuance, 
revocation, etc.). See, e.g., Lampson et al., pgs. 283-285. for secure communication, the 
Lampson ct al. system simply relies on, for example, checking the integrity (e.g., expiry) of 
the certificates themselves or checking certificate revocation lists but does not address, for 
example, the basic issue of the proper association of an entity to a cryptographic capability. 
Thus, Applicant submits that the cited portions of Lampson et al., particularly at pg. 270, do 
not disclose, teach or suggest a maintenance system by which the database, representing 
entities of an organization and their characteristics, roles and relationships, and the 
cryptographic capabilities are maintained in coordination and by authorized parties assuring 
the representation of the organization and such that the cryptographic capabilities are soundly 
associated as recited in claim 52. 

further, the cited portions of Lampson et al. do not disclose, teach or suggest 
"maintenance transactions acting within said maintenance system, maintaining a view 
representing an organization" as recited in claim 52. As discussed above, the cited portions of 
Lampson et al. do not disclose any sort of maintenance system. Moreover, the cited portions 
of Lampson et al. do not disclose maintaining any sort of view representing an organization. 
Page 270 of Lampson et al. merely discloses gathering of information and using algorithms to 
check whether to grant access. Applicant submits that there is just no indication that the 
gathering and checking corresponds to maintaining a view representing an organization. 

Claims 53-54 and 56-63 depend from claim 52 and are therefore patentable subject 
matter at least for the reasons set forth above with respect to claim 52, and for the features 
they individually recite. 
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Therefore, for at least the above reasons, the cited portions of Lampson et al. fail to 
disclose, suggest or teach all the features of claims 52-63, which claims are thus at least 
patentable under 35 U.S.C. §102. 

Rejection under 35 U.S.C. §l03(a) 

The Office Action rejected claims 16-51 and 66-67 under 35 U.S.C. §103(a) as being 
obvious over Lampson ct al. in view of Ginter et al. Applicant respectfully traverses the 
rejection because the cited portions of Lampson et al., Ginter et al, or any proper combination 
thereof, fail to disclose, teach or suggest all the features recited in combination in ihe rejected 
claims. 

For example, the cited portions of Lampson et al. fail to at least disclose, teach or 
suggest a system for control and maintenance of an operational structure comprising, inter 
alia, code to "maintain electronic representations of capabilities of entities", "maintain 
electronic representations of functions of entities", "maintain electronic representations of 
characteristics of entities", "maintain electronic representations of relationships of entities" 
and "change the maintained electronic representations of said entities said characteristics and 
said relationships upon an addition, deletion, or modification of a characteristic or 
relationship of the entities" as recited in claim 16. 

Applicant submits that the cited portions of Lampson et al. provide no disclosure 
regarding any software configured to "maintain electronic representations of capabilities of 
entities", such as a role in an organization (see, e.g., claim 19), "maintain electronic 
representations of functions of entities", such as an operation by a functionary in an 
organization (see, e.g., claim 22), "maintain electronic representations of characteristics of 
entities", such as an entity's size, threshold for a quorum, or visibility (see, e.g., page 21 of 
the specification) or "maintain electronic representations of relationships of entities". While 
the authentication system of Lampson et al. may be applied to an organization, Applicant 
submits there is no disclosure, suggestion, or teaching in the cited portions of Lampson et al. 
how their system or its operation can or does maintain capabilities, functions, characteristics 
and relationships of entities within organizations as recited in claim 16. Rather, the Lampson 
et al. system and its operation merely facilitates secure communication. 

Further, as admitted in the Office Action, the cited portions of Lampson et al. fail to 
provide any disclosure, teaching or suggestion regarding any software configured 10 "change 
the maintained electronic representations of said entities said characteristics and said 
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relationships upon an addition, deletion, or modification of a characteristic or relationship of 
the entities" as recited in claim 16, 

Further, assuming arguendo that Gintcr et al. and Lampson et aL are properly 
combinable (which Applicant docs not agree they arc since, for example, they pertain to 
significantly different fields of endeavor - Gintcr el al- relates to an electronic commerce 
transaction system and Lampson et aL relates to authentication in a distributed system - to 
which a person skilled in the art having regard to Applicant's field would not be commended), 
the cited portions of Gintex et al. fail to overcome the deficiencies of the cited portions of 
Lampson et al. 

For example, Applicant submits that the cited portions of Ginter et al. provide no 
disclosure regarding any software configured to "maintain electronic representations of 
capabilities of entities", such as a role in an organization (see, e.g., claim 19), "maintain 
electronic representations of functions of entities", such as an operation by a functionary in 
an organization (see, e.g., claim 22), "maintain electronic representations of characteristics of 
entities" such as an entity's size, threshold for a quorum, or visibility (see, e.g., page 21 of 
the specification) or "maintain electronic representations of relationships of entities". There is 
simply no disclosure, suggestion, or teaching by the cited portions of Ginter et al. of their 
system or its operation being able to maintain capabilities, functions, characteristics and 
relationships of entities within organizations as recited in claim 16. Such items are simply not 
referenced in the cited portions in the Office Action, 

Further, contrary to the assertion in the Office Action, Applicant submits that the cited 
portions of Ginter et al. fail to disclose, teach or suggest any software configured to "change 
the maintained electronic representations of said entities said characteristics and said 
relationships upon an addition, deletion, or modification of a characteristic or relationship of 
the entities" as recited in claim 16. 

As discussed similarly above with respect to claim 1 , none of the cited portions of 
Ginter et al. discuss changing maintained electronic representations of entities, characteristics 
and relationships, let alone do so upon an addition, deletion, or modification of a 
characteristic or relationship of the entities. There is simply no reference hi those cited 
portions of Ginter et al- to entities of an organizational structure, characteristics of entities or 
the relationships of entities as recited in and in the context of claim 16, let alone changing 
maintained representations of entities, characteristics and relationships. The cited portions of 
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Ginter et al. merely refer to adding, deleting or modifying completely dissimilar and 
unrelated items to the claimed items, such as load modules, content control information, etc. 

Claims 1 7-5 1 7 66 and 67 depend from claim 16 and are therefore patentable subject 
matter at least for the reasons set forth above with respect to claim 16, and for the features 
they individually recite. 

Thus, for at least the above reasons, the cited portions of Ginter et al. and Lampson et 
al, fail to disclose, suggest or teach all the features of claims 16-51, 66 and 67 and are thus 
allowable . 

All rejections having been addressed, it is respectfully submitted that the present 
application is in condition for allowance. If questions relating to patentability remain, the 
examiner is invited to contact the undersigned to discuss them. 

Should any fees be due, please charge them to our deposit account no. 03-3975, under 
our order no. 061047/0265650. The Commissioner for Patents is also authorized to credit any 
over payments to the above-referenced deposit account. 




Respectfully submitted, 



OP SHAW PITTMAN LLP 



JGH 

P.O. Box 10500 
McLean, VA 22102 
Fax No. 703-770-7901 
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